The digital telecommunications era has encouraged corporations and institutions to expand their reach globally covering wide geographical areas. Subsequently, there was a need to establish high-speed and secure, yet cost effective communication between the private networks of these corporations and institutions and their corresponding remote individual users or distant sites. This need was satisfied by Virtual Private Network (VPN), a technology where a virtual communication link is created between peer gateways, as and when it is required, over the readily available shared public telecommunication infrastructure, the Internet, to provide remote individual users or distant sites, access to the private networks of their corresponding corporations and institutions. VPN technology, having the advantage of cost effectiveness, superseded the system of leased lines. Dedicated leased lines are expensive, as it requires the use of large bandwidth to provide a permanent communication link between the private networks of these corporations and institutions and their corresponding remote individual users or distant sites.
The challenge faced by VPN technology was the aspect of security, given the fact that confidential data is being transmitted over virtual links that ride on the Internet, a shared public infrastructure that is open to and constantly monitored by third party or competitors. To overcome this, all VPN's are equipped with some form of security system that ensures security of the virtual link, thus maintaining the confidentiality and integrity of data transmitted over these virtual links. Internet Protocol Security (IPSec) is one of the many forms of security systems. IPSec can be implemented either in tunnel mode or transport mode. IPSec tunnel mode encrypts the IP header and the payload, whereas transport mode only encrypts the IP payload. The more commonly used IPSec mode is the tunnel mode, where an IPSec tunnel is created to provide security for confidential data being transmitted over virtual links.
IPSec uses Internet security association and key management protocol (ISAKMP) to establish security associations and cryptographic keys. ISAKMP defines the procedures for authenticating peer gateways, particularly the creation and management of security associations and cryptographic key generation techniques.
Security association is an agreement between peer gateways and it specifies an agreed convention in relation to encryption and hash algorithm as well as information pertaining to cryptographic key lifetime. Cryptographic key generation and distribution is the process of establishing a shared secret between peer gateways and the technique includes, amongst others, quantum cryptography or quantum key distribution (QKD).
The standard deployment of ISAKMP utilizes Internet key exchange (IKE) protocol, a protocol used to securely exchange cryptographic key in an IPSec tunnel, although other exchange protocols or methods may be implemented for the same purpose. IKE uses the Diffie-Hellman algorithm to automate cryptographic key exchange.
The IKE protocol comprises 2 phases; Phase 1 and Phase 2 that peer gateways must go through when establishing security associations. Phase 1 is used to authenticate each peer gateway and to establish a secure channel between these peer gateways. Subsequently, after Phase 1 is completed, Phase 2 will use the secure channel established in Phase 1 to negotiated and generate cryptographic key materials that will be used to generate security association information managed by the security association database.
The standard IKE protocol creates one security association for a single IKE session. Each security association has a lifetime and upon expiration of the same, a new IKE session is initiated to renegotiate a new security association. The frequency of renewing and exchanging security associations is limited, given the fact that IKE is an interactive protocol, where security association renewal and exchange is performed over a shared public infrastructure. Hence, the frequency of renewing security association depends on the complexity of cryptographic key generation, whereas the frequency of exchanging security association depends on the congestion of the public network. One security association for a single IKE session hinders the implementation of short lifetime setup for IPSec keys that enhances the security level of a virtual link created in the VPN. This is due to the fact the implementation of short lifetime setup for IPSec keys requires a high frequency of renewing and exchanging security associations, whereby, if the corresponding security association was not renewed at the time of expiration of the IPSec key lifetime, errors in packet decryption will occur at the receiving gateway. Therefore, the implementation of short lifetime setup for IPSec key requires multiple security associations to be generated in a single IKE session.